Why is my Samba domain member connecting to domain controllers in a trusting domain?

My problem is logspam. I have 2 Windows AD domains with Windows domain controllers. Domain A has some Ubuntu/Samba domain members. I have no issue using accounts in domain A to log into the servers, and no problem accessing folders shared from the Ubuntu hosts using AD credentials. Domain B trusts Domain A (one way, intransitive). On Domain B domain controllers, I am continually (between 2 and 8 times per minute) logging an event 4625 "An account failed to log on": Account name: LinuxA$@DomainA.dom, status 0xC000006D (unknown username).

Why is Samba trying to go there and how can I make it stop?

Ubuntu 20.04 / Samba 4.11.6+dfsg-0ubuntu1.6

smb.conf:
[global]
        disable netbios = Yes
        domain master = No
        idmap gid = 10000-20000
        idmap uid = 10000-20000
        local master = No
        log file = /var/log/samba/log.%m
        logging = file
        map to guest = Bad User
        max log size = 1000
        obey pam restrictions = Yes
        pam password change = Yes
        panic action = /usr/share/samba/panic-action %d
        passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
        passwd program = /usr/bin/passwd %u
        realm = DOMAINA.DOM
        restrict anonymous = 2
        security = ADS
        server role = standalone server
        server string = %h server (Samba, Ubuntu)
        template shell = /bin/bash
        unix password sync = Yes
        winbind enum groups = Yes
        winbind enum users = Yes
        winbind use default domain = Yes
        workgroup = DOMAINA
        idmap config * : range = 10000-20000
        idmap config * : backend = tdb

Thank you for your consideration!

ubuntu
active-directory
samba
asked on Server Fault Feb 4, 2021 by Rick McClinton • edited Feb 4, 2021 by Rick McClinton

0 Answers

Nobody has answered this question yet.


User contributions licensed under CC BY-SA 3.0